Browse Prior Art Database

DEA Based Pseudorandom Number Generator

IP.com Disclosure Number: IPCOM000108831D
Original Publication Date: 1992-Jun-01
Included in the Prior Art Database: 2005-Mar-23
Document File: 4 page(s) / 131K

Publishing Venue

IBM

Related People

Abraham, D: AUTHOR [+6]

Abstract

This article describes a data encryption algorithm (DEA)-based pseudorandom number generator with characteristics particularly suited for implementation within cryptographic systems. Two 64-bit values produced as outputs of two DEA cyclic generators, respectively, are Exclusive ORed to produce a single 64-bit random number. number. Although the output of each cyclic generator does not repeat in 2**64 cycles, the Exclusive OR product of the two generators does repeat, and therefore more closely resembles a pseudorandom number generator. (In a sample of 2**32 outputs, the probability of 1 or more repeated values is 0.393.)

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 52% of the total text.

DEA Based Pseudorandom Number Generator

       This article describes a data encryption algorithm
(DEA)-based pseudorandom number generator with characteristics
particularly suited for implementation within cryptographic systems.
Two 64-bit values produced as outputs of two DEA cyclic generators,
respectively, are Exclusive ORed to produce a single 64-bit random
number. number.  Although the output of each cyclic generator does
not repeat in 2**64 cycles, the Exclusive OR product of the two
generators does repeat, and therefore more closely resembles a
pseudorandom number generator.  (In a sample of 2**32 outputs, the
probability of 1 or more repeated values is 0.393.)

      Fig. 1 illustrates a cryptographic system consisting of a
cryptographic facility (CF) 1 with a pseudorandom number generator
(RNG) 6, a key storage 3, a cryptographic facility access program
(CFAP) 4, and application programs (APPLs) 5.  Random numbers are
generated within the CF 1 in response to invoked key management
instructions requiring internally randomly generated cryptographic
keys or in response to application program requests for random
numbers (e.g., initial chaining vectors).  The steps in fulfilling an
application program request for a random number can be traced.  An
APPL requests a random number from CFAP, a request REQA at 7.  In
turn, CFAP issues a random number generation request REQB to the CF
at 8.  The crypto instruction execution engine (CIEE) decodes request
REQB and, in turn, issues a re quest for a random number to the
random number generator (RNG) at 9.  (Note that the crypto
instruction execution engine also issues requests for random numbers
to RNG 6 in response in invoked cryptographic instructions requiring
randomly generated cryptographic keys.)  The so-generated 64-bit
random number RNDNK is returned by the crypto instruction execution
engine to CFAP at 10.  CFAP returns the random number RND to the
requesting APPL at 11. 11.  Alternatively, if REQA is a key
management request, thereby making REQB a key management instruction
and RNDNK an encrypted randomly-generated-key, then REQA may direct
CFAP to store RNDNK in key storage at 12.

      Fig. 2 illustrates the pseudorandom number generator algorithm
implemented in random number generator 6 of Fig. 1.  The algorithm
makes use of two DEA cyclic generators labeled "DEA Triple
Encryption."  Each DEA cyclic generator has a 64-bit data input and a
128- bit key input, where the triple encr...